Update main.yml #29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Snyk CLI Scans | |
| on: | |
| push: | |
| branches: [ main ] | |
| # pull_request: | |
| # branches: [ main ] | |
| # | |
| jobs: | |
| snyk-pipeline: | |
| runs-on: ubuntu-latest | |
| name: Snyk CLI Scans | |
| env: | |
| SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Download Snyk | |
| run: | | |
| wget -O snyk https://static.snyk.io/cli/latest/snyk-linux | |
| chmod +x ./snyk | |
| mv ./snyk /usr/local/bin/ | |
| - name: Authenticate Snyk | |
| run: snyk auth ${SNYK_TOKEN} | |
| - name: Run Snyk Code | |
| run: snyk code test --sarif-file-output=snyk_sast_results.json | |
| continue-on-error: true | |
| - name: Upload SARIF file | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: snyk_sast_results.json | |
| - name: Use the Upload Artifact GitHub Action | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: snyk_sast_results_json | |
| path: snyk_sast_results.json | |
| - name: Install packages | |
| run: mvn install | |
| - name: Run Snyk Test | |
| run: snyk test --all-projects | |
| continue-on-error: true | |
| - name: Run Snyk Monitor | |
| run: snyk monitor --all-projects | |
| continue-on-error: true |